Firewall Analysis Audit and Repair – FW1, Cisco, Netscreen


Firewall Analysis And Repair (FAAR) Program

The key to repairing a network is how good the analysis is. Given the quality of the data being analysed, nothing is better than the server’s own log files.  However, simply audited data is no better than raw data, in that it does not point out where the problems exist.  That’s where the FAAR, 36Zero’s Firewall Analysis and Repair program comes into play.  Put simply, there are NO OTHER COMPANIES providing a Data Driven Analysis feeding into a programmed Solutions Package like ours.  It is because we have a programmed Solutions Package that we are UNIQUE.


36Zero-FAAR stands for the 36Zero Firewall Analysis and Repair program.  It uses the log files of each and every firewall/server to get the full picture of what each firewall or server is doing.  This covers what happens, what is not happening, and the rules “Used” and those that are redundant.  It picks up retired rules left in the rulebase that are not active, for whatever reason, and these will be highlighted.
The 36Zero Solutions program can go further, in that it can advise what rules need to be added to the rulebase, what rules need changing, and what to change to.  When rules mask or overlap each other, it points them out.  Then, it CREATES these rules (for your approval, for pasting into the rulebase) as part of the solutions package.


36Zero can create a completely refreshed and clean environment for your firewalls (and internal network) to work in.  The accuracy is in the analysis of the logfiles – it is impeccable as it is Data Driven.  With a clean set of rules to work with, and because the old or redundant rules are cleaned out, your system will react faster without any further capital expenditure on switches, servers or other equipment.  It also makes it much easier to maintain, reducing (internal) costs of system management, and reduces the need for immediate capital expenditure to speed up the network.


Once the rulebase has been changed, the solutions package of the FAAR (firewall analysis and repair program) will check the new rule as it works in place of the old rule.  You will see how the changed rules pick up on the missing elements highlighted by the analysis program, and how well they actually work.  Try asking your firewall team for something like that?  It’s just not done by any other company.


Many companies want to get an element of standardised security or networking certification simply to prove that management and control exists in the IT Department (yes, it is a big problem with senior management).  Once you have the 36Zero-FAAR program working for you, you will have the tools to take or show to the auditors and prove you are aware of network, firewall and server issues, and that you are creating systems to correct rogues and quicken internal services to your  customer base.  The exercise can help to reduce expenditure as the cleaned network will be sped up considerably, reducing or removing the immediate need to “Upgrade” as often, or, in some extreme cases we have cleaned, not at all.